Clamd permission error
campbell at cnpapers.com
Wed Apr 25 17:07:02 IST 2012
I'm not sure what fixed it. I have the /var/spool/MailScanner/incoming
directory owned by clamav.clamav with 755 as the mod.
One thing I had to do was turn off TNEF completely. It didn't matter
which one I used, internal or external, there were just some of those
winmail.dat files that would blow off MailScanner. It's a risk, I know,
but that seemed to help a lot.
I see a ton of files in
/var/spool/MailScanner/incoming/SpamAssassin-Temp hanging around from
older dates, but those don't seem to be hurting anything and I'll just
delete them soon. These are partially old tnef* files, but some are
named tmp.XXXXXXX. They are all owned by root.root, so there's still a
little going on.
Sorry to be so flaky on the answer. Wish I could remember what really
fixed it. But I'd start with this and make sure your clamd.conf and
MailScanner.conf lines up with each other.
I seem to recall that the MailWatch instructions for recommendations on
owner and group ownership and permissions really had me spinning for a
while. so you have to read those carefully if you use MW. It's straight
forward, I think, but I had a mess on my hands for a while until I
started reading slower. Us old guys can't seem to handle as much as we
used to do.
If you need more, PM me or whatever and I'll go through all the files.
On 4/25/2012 11:42 AM, Richard Mealing wrote:
> Hi Steve,
> Old thread I know, but did you fix this in the end? I'm having this
> exact problem now and am thinking of changing the incoming folder to
> 0640 also.
> *From:*mailscanner-bounces at lists.mailscanner.info
> [mailto:mailscanner-bounces at lists.mailscanner.info] *On Behalf Of
> *Steve Campbell
> *Sent:* 18 November 2011 18:56
> *To:* MailScanner discussion
> *Subject:* Re: Clamd permission error
> Maybe I see the problem.
> Should the "incoming" folder itself be modded 640 instead of 600?
> I'll change it since it shouldn't matter.
> On 11/18/2011 1:43 PM, Steve Campbell wrote:
> I don't think anything that matters isn't 640 mod and clamav.clamav
> owned. The individual files created in the incoming directory are
> owned by clamav as well. An example:
> incoming]# ls -al
> total 2912
> drwx------ 8 clamav clamav 4096 Nov 18 13:42 .
> drwxr-xr-x 4 root root 4096 May 18 2004 ..
> drwxr-x--- 2 clamav clamav 4096 Sep 9 07:02 26632
> drwxr-x--- 4 clamav clamav 4096 Nov 18 13:41 5625
> drwxr-x--- 4 clamav clamav 4096 Nov 18 13:41 5632
> drwxr-x--- 7 clamav clamav 4096 Nov 18 13:41 5654
> drwxr-x--- 2 root root 4096 Nov 18 11:14 Locks
> -rw------- 1 root root 17408 Nov 18 13:41 Processing.db
> -rw------- 1 root root 2722816 Nov 18 13:42
> drwx------ 2 root root 200704 Nov 18 13:41 SpamAssassin-Temp
> Seems to me to be as it should be or those "Number" folders couldn't
> be created.
> On 11/18/2011 1:15 PM, Martin Hepworth wrote:
> Double check nothing has altered any of the permissions further up the
> tree and the clamd user can access the files
> On Friday, 18 November 2011, Steve Campbell <campbell at cnpapers.com
> <mailto:campbell at cnpapers.com>> wrote:
> > I'm pretty certain I looked through there. The settings are spread
> out all across the config file, so I might have missed one (or four).
> I just don't understand why I'm seeing this now (just one email)
> without having changed anything.
> > Thanks for all the help from everyone.
> > steve
> > On 11/18/2011 11:07 AM, Martin Hepworth wrote:
> > yes you need to look carefully at the mailscanner.conf settings for
> permssions etc. Theres good documentation in the file about running
> clamdd and the things you need to setup
> > --
> > Martin Hepworth
> > Oxford, UK
> > On 18 November 2011 14:53, Milenko Letic <mikoletic at gmail.com
> <mailto:mikoletic at gmail.com>> wrote:
> >> this is mod in my MailScanner.conf :
> >> Incoming Work Permissions = 0644
> >> maybe , maybe not help, but wish you luck
> >> On Fri, Nov 18, 2011 at 3:43 PM, Steve Campbell
> <campbell at cnpapers.com <mailto:campbell at cnpapers.com>> wrote:
> >>> I'm getting the following error in my logs:
> >>> Clamd::ERROR:: lstat() failed: Permission denied.
> ERRORClamd::ERROR:: lstat() failed: Permission denied......
> >>> Looking back, I found a thread suggesting I should switch to the
> internal tnef expander, which I am trying now, and to ensure the
> "incoming" directory is accessible by the clam user (clamav). I've
> followed the suggestions in the MailScanner.conf file for the
> situation I am running under. The temp folders under the incoming
> directory, along with the incoming folder itself, where the
> winmail.dat is expanded IS owned by clamav.
> >>> So I'm wondering if the 0640 mod on the folders is the proper mod.
> Should there be any sticky bits or anything set?
> >>> Just curious, since this seems to be the first time I've run into
> this and I've been using MS for years.
> >>> steve campbell
> >>> --
> >>> MailScanner mailing list
> >>> mailscanner at lists.mailscanner.info
> <mailto:mailscanner at lists.mailscanner.info>
> >>> http://lists.mailscanner.info/mailman/listinfo/mailscanner
> >>> Before posting, read http://wiki.mailscanner.info/posting
> >>> Support MailScanner development - buy the book off the website!
> >> --
> >> MailScanner mailing list
> >> mailscanner at lists.mailscanner.info
> <mailto:mailscanner at lists.mailscanner.info>
> >> http://lists.mailscanner.info/mailman/listinfo/mailscanner
> >> Before posting, read http://wiki.mailscanner.info/posting
> >> Support MailScanner development - buy the book off the website!
> Martin Hepworth
> Oxford, UK
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the MailScanner